Lucene search

K
oraclelinuxOracleLinuxELSA-2020-5569
HistoryMar 15, 2020 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2020-03-1500:00:00
linux.oracle.com
111

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

[4.14.35-1902.11.3]

  • xfs: do async inactivation only when fs freezed (Junxiao Bi) [Orabug: 31013775]
    [4.14.35-1902.11.2]
  • ib/core: Cancel fmr delayed_worker when in shutdown phase of reboot system (Hans Westgaard Ry) [Orabug: 30967501]
  • Revert ‘printk: Default console logging level should be set to 4’ (Cesar Roque) [Orabug: 30833249]
  • cgroup: psi: fix memory leak when freeing a cgroup work function (Tom Hromatka) [Orabug: 30903264]
    [4.14.35-1902.11.1]
  • xfs: fix deadlock between shrinker and fs freeze (Junxiao Bi) [Orabug: 30657780]
  • xfs: increase the default parallelism levels of pwork clients (Darrick J. Wong) [Orabug: 30657780]
  • xfs: decide if inode needs inactivation (Darrick J. Wong) [Orabug: 30657780]
  • xfs: refactor the predicate part of xfs_free_eofblocks (Darrick J. Wong) [Orabug: 30657780]
  • mwifiex: fix unbalanced locking in mwifiex_process_country_ie() (Brian Norris) [Orabug: 30781858] {CVE-2019-14895}
  • mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781858] {CVE-2019-14895} {CVE-2019-14895}
  • ipmi_ssif: avoid registering duplicate ssif interface (Kamlakant Patel) [Orabug: 30916684]
  • ipmi: Fix NULL pointer dereference in ssif_probe (Gustavo A. R. Silva) [Orabug: 30916684]
  • uio: Fix an Oops on load (Dan Carpenter) [Orabug: 30897832]
  • drm/i915: Fix use-after-free when destroying GEM context (Tyler Hicks) [Orabug: 30860457] {CVE-2020-7053}
  • xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (Darrick J. Wong) [Orabug: 30788113]
  • slub: extend slub debug to handle multiple slabs (Aaron Tomlin) [Orabug: 30903135]
  • RAS/CEC: Fix binary search function (Borislav Petkov) [Orabug: 30897849]
  • CIFS: fix POSIX lock leak and invalid ptr deref (Aurelien Aptel) [Orabug: 30809456]
  • rds: Avoid flushing MRs in rds_rdma_drop_keys (aru kolappan) [Orabug: 30681066]
    [4.14.35-1902.11.0]
  • rds: Avoid qp overflow when posting invalidate/register mr with frwr (Hans Westgaard Ry) [Orabug: 30888677]
  • rds: Use bitmap to designate dropped connections (Hakon Bugge) [Orabug: 30852643]
  • rds: prevent use-after-free of rds conn in rds_send_drop_to() (Sharath Srinivasan) [Orabug: 30865079]
  • media: b2c2-flexcop-usb: add sanity checking (Oliver Neukum) [Orabug: 30864532] {CVE-2019-15291}
  • KVM: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [Orabug: 30846856]
  • KVM: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [Orabug: 30846856]
  • KVM: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [Orabug: 30846856]
  • KVM: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [Orabug: 30846856]
  • KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [Orabug: 30846856]
  • xen/ovmapi: whitelist more caches (Boris Ostrovsky) [Orabug: 30837856]
  • mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (qize wang) [Orabug: 30819438] {CVE-2019-14901}
  • drm/i915/gen9: Clear residual context state on context switch (Akeem G Abodunrin) [Orabug: 30773852] {CVE-2019-14615} {CVE-2019-14615}
  • rds: unlock rs_snd_lock before calling rhashtable_insert_fast (aru kolappan) [Orabug: 30734590]

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C